crypto

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 16, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package crypto provides signing functionality for Trillian.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func SignatureAlgorithm 

func SignatureAlgorithm(k gocrypto.PublicKey) sigpb.DigitallySigned_SignatureAlgorithm

SignatureAlgorithm returns the algorithm used for this public key. Only ECDSA and RSA keys are supported. Other key types will return sigpb.DigitallySigned_ANONYMOUS.

func Verify 

func Verify(pub crypto.PublicKey, hasher crypto.Hash, data, sig []byte) error

Verify cryptographically verifies the output of Signer.

func VerifySignedLogRoot added in v1.0.8 

func VerifySignedLogRoot(pub crypto.PublicKey, hash crypto.Hash, r *trillian.SignedLogRoot) (*types.LogRootV1, error)

VerifySignedLogRoot verifies the SignedLogRoot and returns its contents.

func VerifySignedMapRoot added in v1.1.0 

func VerifySignedMapRoot(pub crypto.PublicKey, hash crypto.Hash, smr *trillian.SignedMapRoot) (*types.MapRootV1, error)

VerifySignedMapRoot verifies the signature on the SignedMapRoot. VerifySignedMapRoot returns MapRootV1 to encourage safe API use. It should be the only function available to clients that returns MapRootV1.

Types

type Signer 

type Signer struct {
	KeyHint []byte
	Hash    crypto.Hash
	Signer  crypto.Signer
}

Signer is responsible for signing log-related data and producing the appropriate application specific signature objects.

func NewSHA256Signer 

func NewSHA256Signer(signer crypto.Signer) *Signer

NewSHA256Signer creates a new SHA256 based Signer and a KeyID of 0. TODO(gbelvin): remove

func NewSigner added in v1.1.0 

func NewSigner(keyID int64, signer crypto.Signer, hash crypto.Hash) *Signer

NewSigner returns a new signer. The signer will set the KeyHint field, when available, with KeyID.

func (*Signer) Public 

func (s *Signer) Public() crypto.PublicKey

Public returns the public key that can verify signatures produced by s.

func (*Signer) Sign 

func (s *Signer) Sign(data []byte) ([]byte, error)

Sign obtains a signature after first hashing the input data.

func (*Signer) SignLogRoot added in v1.0.5 

func (s *Signer) SignLogRoot(r *types.LogRootV1) (*trillian.SignedLogRoot, error)

SignLogRoot returns a complete SignedLogRoot (including signature).

func (*Signer) SignMapRoot added in v1.0.5 

func (s *Signer) SignMapRoot(r *types.MapRootV1) (*trillian.SignedMapRoot, error)

SignMapRoot hashes and signs the supplied (to-be) SignedMapRoot and returns a signature.

Source Files

View all Source files

Directories

Path Synopsis
Package keys provides access to public and private keys for signing and verification of signatures.
 Package keys provides access to public and private keys for signing and verification of signatures.
der
der/proto
Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
 Package proto registers a DER keys.ProtoHandler using keys.RegisterHandler.
pem
pem/proto
Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
 Package proto registers a PEM keys.ProtoHandler using keys.RegisterHandler.
pkcs11
Package pkcs11 provides access to private keys using a PKCS#11 interface.
 Package pkcs11 provides access to private keys using a PKCS#11 interface.
pkcs11/proto
Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
 Package proto registers a PKCS#11 keys.ProtoHandler using keys.RegisterHandler.
testonly
Package testonly contains code and data that should only be used by tests.
 Package testonly contains code and data that should only be used by tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.